purecrypter | INVOICE, & REMITTANCE INFORMATIO[.]exe | Triage

Sharing

General

Target

INVOICE, & REMITTANCE INFORMATIO.exe
Size

108KB
MD5

61ce3c89c2578f45fccd23b556634adf
SHA1

fb4c545865c343e4fa1c3e289c68a432c5cbf307
SHA256

e6acd013f402294fb872251fc4ad72420d608afff59ba25d57efe2f812493096
SHA512

e16f72251be777f6230ae0da589970f0e24d783bf3a9243bf553720359ea96aed60c06b40f7e68622991652b469dbf2dbfd21a7f77aac1753e7afbe229a6681c
SSDEEP

3072:5Pyx4EtMJ+aoHibA4UbOB2P06J/RtfwXALweSaIKg/u3:5Ho8vUa2PjWXAsevg

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

https://files.catbox.moe/gmiwb3.vdf

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
INVOICE, & REMITTANCE INFORMATIO.exe

Files

INVOICE, & REMITTANCE INFORMATIO.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ